jetlib.sec » Tags » excel

Feeds

268045 items (2 unread) in 27 feeds

• 0day.today (was: 1337day, Inj3ct0r, 1337db)
• OSVDB Vulnerabilities
• Exploit-DB
• SecurityFocus Vulnerabilities
• Bugtraq
• Full Disclosure
• XSSed
• Packet Storm Security Headlines (2 unread)
• Packet Storm Security Advisories
• Packet Storm Security Exploits
• Packet Storm Security Recent Files
• Packet Storm Security Tools
• Packet Storm Security Misc. Files
• Sophos security news
• Sophos product advisories
• Penetration Testing
• SecuriTeam
• BackTrack Linux Forums
• Threatpost
• SecDocs
• carnal0wnage.attackresearch.com
• Carnal0wnage
• Kernel Fun
• Darknet
• The Exploitant
• Hack a Day
• Wirevolution

167 items tagged "excel"

Related tags: txt [+], idefense security advisory [+], record [+], buffer overflow vulnerability [+], idefense [+], heap [+], cve [+], code microsoft [+], based buffer overflow [+], stack overflow [+], microsoft excel 2002 [+], buffer [+], code execution [+], microsoft excel [+], vulnerability [+], zdi [+], slyk [+], record stack [+], real time data [+], obj [+], microsoft security bulletin [+], microsoft office 2007 [+], heap corruption [+], excel user [+], excel code [+], office [+], zero day [+], zero [+], xls file [+], use [+], sxview [+], sp3 [+], rtd [+], overflow [+], opening [+], microsoft word documents [+], microsoft word document [+], mac [+], input validation [+], heap memory [+], handling [+], free microsoft excel [+], format [+], file format converter [+], day [+], dangling pointer [+], corruption [+], arbitrary code [+], apple security [+], memory corruption [+], wopt [+], whitepaper [+], validation error [+], type [+], spreadsheets [+], sp1 sp2 [+], size argument [+], remote [+], pivottable [+], overflow vulnerability [+], object pointer [+], ms10 [+], microsoft office xp [+], microsoft excel spreadsheets [+], microsoft corp [+], mergecells [+], hfpicture [+], excel worksheet [+], excel formula [+], excel data validation [+], dborparamqry [+], data [+], code [+], cache data [+], buffer overflow exploit [+], office excel [+], arbitrary code execution [+], safer use [+], xlsx [+], xlb [+], user [+], type mismatch [+], string [+], sst [+], series [+], security technologies [+], security holes [+], remote buffer overflow vulnerability [+], remote buffer overflow [+], realtimedata [+], real [+], poc [+], plugs [+], overwrite [+], oracle [+], officeimport [+], office xp [+], office 2000 [+], object [+], ms excel [+], mdxtuple [+], mdxset [+], malformed [+], lotus 1 2 3 [+], layer [+], invalid pointer [+], integer overflow vulnerability [+], integer overflow [+], ghost [+], framework [+], formula [+], fngroupname [+], featheader [+], externname [+], expoits [+], exploits [+], exploit [+], excel spreadsheet [+], excel security [+], entexu [+], edg [+], dbqueryext [+], core [+], conditional expression [+], bugtraq [+], bounds [+], biff [+], axis [+], art object [+], array [+], apple mobile [+], apple [+], activex data object [+], proof of concept [+], critical vulnerability [+], vulnerability research [+], buffer overflow [+], microsoft [+], memory [+], microsoft office [+]

• November 22, 2012
• 16:00

  Microsoft Excel Memory Corruption Remote Code Execution Vulnerability

   » ‎ SecuriTeam
  Microsoft Excel is prone to a remote code-execution vulnerability.

  Tags:  excel vulnerability microsoft memory-corruption code-execution microsoft-excel  

• November 18, 2012
• 16:00

  Microsoft Excel 'SerAuxErrBar' Heap Overflow Remote Code Execution Vulnerability

   » ‎ SecuriTeam
  Microsoft Excel is prone to a remote code-execution vulnerability.

  Tags:  excel vulnerability microsoft code-execution microsoft-excel heap  

• November 15, 2012
• 23:22

  Zero Day Initiative Advisory 12-184

   » ‎ Packet Storm Security Advisories
  Zero Day Initiative Advisory 12-184 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Excel. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within Excel's parsing of Feature11/Feature12 records. The process trusts a supplied counter value without validating its size and proceeds to use it within a copy operation to the stack. An attacker can abuse this to execute arbitrary code under the context of the user running Excel.

  Tags:  excel day zero excel-user zero-day arbitrary-code  

• 23:22

  Zero Day Initiative Advisory 12-184

   » ‎ Packet Storm Security Recent Files
  Zero Day Initiative Advisory 12-184 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Excel. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within Excel's parsing of Feature11/Feature12 records. The process trusts a supplied counter value without validating its size and proceeds to use it within a copy operation to the stack. An attacker can abuse this to execute arbitrary code under the context of the user running Excel.

  Tags:  excel day zero excel-user zero-day arbitrary-code  

• 23:22

  Zero Day Initiative Advisory 12-184

   » ‎ Packet Storm Security Misc. Files
  Zero Day Initiative Advisory 12-184 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Excel. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within Excel's parsing of Feature11/Feature12 records. The process trusts a supplied counter value without validating its size and proceeds to use it within a copy operation to the stack. An attacker can abuse this to execute arbitrary code under the context of the user running Excel.

  Tags:  excel day zero excel-user zero-day arbitrary-code  

• 0:00

  Vuln: Microsoft Excel CVE-2012-2543 Buffer Overflow Remote Code Execution Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  Microsoft Excel CVE-2012-2543 Buffer Overflow Remote Code Execution Vulnerability

  Tags:  excel buffer microsoft code-execution buffer-overflow microsoft-excel  

• November 14, 2012
• 16:00

  Microsoft Excel SST Invalid Length Use After Free Remote Code Execution Vulnerability

   » ‎ SecuriTeam
  Microsoft Excel is prone to a remote code-execution vulnerability.

  Tags:  excel vulnerability microsoft code-execution microsoft-excel sst  

• November 10, 2012
• 6:44

  Microsoft Office Excel 2013 Memory Corruption

   » ‎ Packet Storm Security Recent Files
  Microsoft Office Excel 2013 suffers from a memory corruption vulnerability.

  Tags:  excel office microsoft memory-corruption office-excel microsoft-office  

• November 09, 2012
• 1:11

  Microsoft Office Excel 2007 Memory Corruption

   » ‎ Packet Storm Security Exploits
  Microsoft Office Excel 2007 suffers from a WriteAV memory corruption vulnerability.

  Tags:  excel office microsoft memory-corruption office-excel microsoft-office  

• 1:11

  Microsoft Office Excel 2007 Memory Corruption

   » ‎ Packet Storm Security Recent Files
  Microsoft Office Excel 2007 suffers from a WriteAV memory corruption vulnerability.

  Tags:  excel office microsoft memory-corruption office-excel microsoft-office  

• 1:11

  Microsoft Office Excel 2007 Memory Corruption

   » ‎ Packet Storm Security Misc. Files
  Microsoft Office Excel 2007 suffers from a WriteAV memory corruption vulnerability.

  Tags:  excel office microsoft memory-corruption office-excel microsoft-office  

• October 27, 2012
• 4:44

  Microsoft Office Excel 2010 Memory Corruption

   » ‎ Packet Storm Security Exploits
  Microsoft Office Excel 2010 memory corruption proof of concept exploit.

  Tags:  excel office microsoft memory-corruption proof-of-concept office-excel  

• 4:44

  Microsoft Office Excel 2010 Memory Corruption

   » ‎ Packet Storm Security Recent Files
  Microsoft Office Excel 2010 memory corruption proof of concept exploit.

  Tags:  excel office microsoft memory-corruption proof-of-concept office-excel  

• 4:44

  Microsoft Office Excel 2010 Memory Corruption

   » ‎ Packet Storm Security Misc. Files
  Microsoft Office Excel 2010 memory corruption proof of concept exploit.

  Tags:  excel office microsoft memory-corruption proof-of-concept office-excel  

• October 10, 2012
• 23:47

  Microsoft Office Excel Code Execution

   » ‎ Packet Storm Security Exploits
  Microsoft Office Excel ReadAV arbitrary code execution exploit.

  Tags:  excel microsoft office arbitrary-code-execution excel-code office-excel  

• 23:47

  Microsoft Office Excel Code Execution

   » ‎ Packet Storm Security Recent Files
  Microsoft Office Excel ReadAV arbitrary code execution exploit.

  Tags:  excel microsoft office arbitrary-code-execution excel-code office-excel  

• 23:47

  Microsoft Office Excel Code Execution

   » ‎ Packet Storm Security Misc. Files
  Microsoft Office Excel ReadAV arbitrary code execution exploit.

  Tags:  excel microsoft office arbitrary-code-execution excel-code office-excel  

• 23:47

  Microsoft Office Excel Code Execution

   » ‎ Packet Storm Security Misc. Files
  Microsoft Office Excel ReadAV arbitrary code execution exploit.

  Tags:  excel microsoft office arbitrary-code-execution excel-code office-excel  

• August 23, 2012
• 13:00

  Bugtraq: ZDI-12-157 : Microsoft Excel Series Record Parsing Type Mismatch Remote Code Execution Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  ZDI-12-157 : Microsoft Excel Series Record Parsing Type Mismatch Remote Code Execution Vulnerability

  Tags:  excel microsoft series type-mismatch code-execution zdi  

• 11:00

  Bugtraq: ZDI-12-152 : Oracle Outside In Excel MergeCells Record Parsing Remote Code Execution Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  ZDI-12-152 : Oracle Outside In Excel MergeCells Record Parsing Remote Code Execution Vulnerability

  Tags:  excel mergecells oracle code-execution zdi bugtraq  

• August 22, 2012
• 0:00

  Vuln: Microsoft Excel CVE-2012-1847 Remote Code Execution Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  Microsoft Excel CVE-2012-1847 Remote Code Execution Vulnerability

  Tags:  excel microsoft remote code-execution microsoft-excel cve  

• August 21, 2012
• 0:00

  Vuln: Microsoft Excel 'MergeCells' Record Heap Overflow Remote Code Execution Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  Microsoft Excel 'MergeCells' Record Heap Overflow Remote Code Execution Vulnerability

  Tags:  excel microsoft mergecells code-execution microsoft-excel heap  

• January 02, 2012
• 19:09

  Microsoft Office Excel Conditional Expression Ptg Type Confusion Vulnerability

   » ‎ SecuriTeam
  This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Office Excel.

  -

  Make your website safer. Use external penetration testing service. First report ready in one hour!

  Tags:  excel office microsoft conditional-expression safer-use office-excel  

• December 21, 2011
• 0:00

  Vuln: Microsoft Excel CVE-2011-3403 Remote Code Execution Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  Microsoft Excel CVE-2011-3403 Remote Code Execution Vulnerability

  Tags:  excel microsoft remote code-execution microsoft-excel cve  

• November 22, 2011
• 17:00

  MS11-038 Microsoft Office Excel Malformed OBJ Record Handling Overflow

   » ‎ Packet Storm Security Recent Files
  This Metasploit module exploits a vulnerability found in Excel 2002 of Microsoft Office XP. By supplying a .xls file with a malformed OBJ (recType 0x5D) record an attacker can get the control of the execution flow. This results arbitrary code execution under the context of the user.

  Tags:  excel office microsoft arbitrary-code-execution microsoft-office-xp xls-file  

• 17:00

  MS11-038 Microsoft Office Excel Malformed OBJ Record Handling Overflow

   » ‎ Packet Storm Security Misc. Files
  This Metasploit module exploits a vulnerability found in Excel 2002 of Microsoft Office XP. By supplying a .xls file with a malformed OBJ (recType 0x5D) record an attacker can get the control of the execution flow. This results arbitrary code execution under the context of the user.

  Tags:  excel office microsoft arbitrary-code-execution microsoft-office-xp xls-file  

• 14:00

  [local exploits] - MS11-038 Microsoft Office Excel Malformed OBJ Record Handling Overflow

   » ‎ 0day.today (was: 1337day, Inj3ct0r, 1337db)
  [local exploits] - MS11-038 Microsoft Office Excel Malformed OBJ Record Handling Overflow

  Tags:  excel office microsoft office-excel microsoft-office overflow  

• 0:00

  Vuln: Microsoft Excel OBJ Record Stack Overflow Remote Code Execution Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  Microsoft Excel OBJ Record Stack Overflow Remote Code Execution Vulnerability

  Tags:  excel microsoft obj record-stack stack-overflow code-execution  

• November 21, 2011
• 14:00

  [local exploits] - MS11-038 Microsoft Office Excel Malformed OBJ Record Handling Overflow

   » ‎ 0day.today (was: 1337day, Inj3ct0r, 1337db)
  [local exploits] - MS11-038 Microsoft Office Excel Malformed OBJ Record Handling Overflow

  Tags:  excel office microsoft office-excel microsoft-office overflow  

• November 07, 2011
• 0:00

  Vuln: Microsoft Excel Data Validation Record Parsing Buffer Overflow Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  Microsoft Excel Data Validation Record Parsing Buffer Overflow Vulnerability

  Tags:  excel microsoft data buffer-overflow-vulnerability excel-data-validation microsoft-excel  

• November 06, 2011
• 15:54

  MS11-021 Microsoft Office 2007 Excel .xlb Buffer Overflow

   » ‎ Packet Storm Security Exploits
  This Metasploit module exploits a vulnerability found in Excel of Microsoft Office 2007. By supplying a malformed .xlb file, an attacker can control the content (source) of a memcpy routine, and the number of bytes to copy, therefore causing a stack-based buffer overflow. This results in arbitrary code execution under the context of the user.

  Tags:  excel office microsoft arbitrary-code-execution based-buffer-overflow microsoft-office-2007  

• 15:54

  MS11-021 Microsoft Office 2007 Excel .xlb Buffer Overflow

   » ‎ Packet Storm Security Recent Files
  This Metasploit module exploits a vulnerability found in Excel of Microsoft Office 2007. By supplying a malformed .xlb file, an attacker can control the content (source) of a memcpy routine, and the number of bytes to copy, therefore causing a stack-based buffer overflow. This results in arbitrary code execution under the context of the user.

  Tags:  excel office microsoft arbitrary-code-execution based-buffer-overflow microsoft-office-2007  

• 15:54

  MS11-021 Microsoft Office 2007 Excel .xlb Buffer Overflow

   » ‎ Packet Storm Security Misc. Files
  This Metasploit module exploits a vulnerability found in Excel of Microsoft Office 2007. By supplying a malformed .xlb file, an attacker can control the content (source) of a memcpy routine, and the number of bytes to copy, therefore causing a stack-based buffer overflow. This results in arbitrary code execution under the context of the user.

  Tags:  excel office microsoft arbitrary-code-execution based-buffer-overflow microsoft-office-2007  

• November 04, 2011
• 15:00

  [local exploits] - MS11-021 Microsoft Office 2007 Excel .xlb Buffer Overflow

   » ‎ 0day.today (was: 1337day, Inj3ct0r, 1337db)
  [local exploits] - MS11-021 Microsoft Office 2007 Excel .xlb Buffer Overflow

  Tags:  excel office microsoft buffer-overflow microsoft-office-2007 xlb  

• 8:33

  Microsoft Excel Use-After-Free

   » ‎ Packet Storm Security Exploits
  Microsoft Excel in Office 2003 version 11.8335.8333 SP3 suffers from a use-after-free vulnerability. Proof of concept included.

  Tags:  use excel microsoft free-microsoft-excel proof-of-concept sp3  

• 8:33

  Microsoft Excel Use-After-Free

   » ‎ Packet Storm Security Recent Files
  Microsoft Excel in Office 2003 version 11.8335.8333 SP3 suffers from a use-after-free vulnerability. Proof of concept included.

  Tags:  use excel microsoft free-microsoft-excel proof-of-concept sp3  

• 8:33

  Microsoft Excel Use-After-Free

   » ‎ Packet Storm Security Misc. Files
  Microsoft Excel in Office 2003 version 11.8335.8333 SP3 suffers from a use-after-free vulnerability. Proof of concept included.

  Tags:  use excel microsoft free-microsoft-excel proof-of-concept sp3  

• 8:25

  Microsoft Excel Memory Corruption

   » ‎ Packet Storm Security Exploits
  Microsoft Excel in Office 2003 version 11.8335.8333 SP3 suffers from a memory corruption vulnerability. Proof of concept included.

  Tags:  excel microsoft memory memory-corruption proof-of-concept microsoft-excel  

• 8:25

  Microsoft Excel Memory Corruption

   » ‎ Packet Storm Security Recent Files
  Microsoft Excel in Office 2003 version 11.8335.8333 SP3 suffers from a memory corruption vulnerability. Proof of concept included.

  Tags:  excel microsoft memory memory-corruption proof-of-concept microsoft-excel  

• 8:25

  Microsoft Excel Memory Corruption

   » ‎ Packet Storm Security Misc. Files
  Microsoft Excel in Office 2003 version 11.8335.8333 SP3 suffers from a memory corruption vulnerability. Proof of concept included.

  Tags:  excel microsoft memory memory-corruption proof-of-concept microsoft-excel  

• November 02, 2011
• 15:53

  Microsoft Excel 2007 SP2 Buffer Overwrite

   » ‎ Packet Storm Security Exploits
  A remote code execution vulnerability exists in the way that Microsoft Excel 2007 SP2 handles specially crafted Excel files. An attacker who successfully exploited this vulnerability could take complete control of an affected system. This is the same vulnerability that is referenced in MS11-021. Proof of concept exploit code included.

  Tags:  excel microsoft vulnerability code-execution proof-of-concept microsoft-excel  

• 15:53

  Microsoft Excel 2007 SP2 Buffer Overwrite

   » ‎ Packet Storm Security Recent Files
  A remote code execution vulnerability exists in the way that Microsoft Excel 2007 SP2 handles specially crafted Excel files. An attacker who successfully exploited this vulnerability could take complete control of an affected system. This is the same vulnerability that is referenced in MS11-021. Proof of concept exploit code included.

  Tags:  excel microsoft vulnerability code-execution proof-of-concept microsoft-excel  

• September 19, 2011
• 16:36

  Microsoft Office Excel Formula Record Heap Corruption

   » ‎ Packet Storm Security Advisories
  VUPEN Vulnerability Research Team discovered a critical vulnerability in Microsoft Office Excel. The vulnerability is caused by a heap corruption error when processing malformed Formula records within an Excel document, which could be exploited by attackers to compromise a vulnerable system by tricking a user into opening a specially crafted XLS document.

  Tags:  excel vulnerability microsoft heap-corruption vulnerability-research critical-vulnerability  

• 16:36

  Microsoft Office Excel Formula Record Heap Corruption

   » ‎ Packet Storm Security Recent Files
  VUPEN Vulnerability Research Team discovered a critical vulnerability in Microsoft Office Excel. The vulnerability is caused by a heap corruption error when processing malformed Formula records within an Excel document, which could be exploited by attackers to compromise a vulnerable system by tricking a user into opening a specially crafted XLS document.

  Tags:  excel vulnerability microsoft heap-corruption vulnerability-research critical-vulnerability  

• 16:36

  Microsoft Office Excel Formula Record Heap Corruption

   » ‎ Packet Storm Security Misc. Files
  VUPEN Vulnerability Research Team discovered a critical vulnerability in Microsoft Office Excel. The vulnerability is caused by a heap corruption error when processing malformed Formula records within an Excel document, which could be exploited by attackers to compromise a vulnerable system by tricking a user into opening a specially crafted XLS document.

  Tags:  excel vulnerability microsoft heap-corruption vulnerability-research critical-vulnerability  

• September 14, 2011
• 14:58

  iDefense Security Advisory 09.13.11 - Excel Memory Corruption

   » ‎ Packet Storm Security Advisories
  iDefense Security Advisory 09.13.11 - Remote exploitation of a memory corruption vulnerability in Microsoft Corp.'s Excel could allow an attacker to execute arbitrary code with the privileges of the current user. The vulnerability occurs when Excel parses a certain specially crafted record in an Excel file. A specific value in the record can trigger a memory corruption vulnerability and may allow arbitrary code execution.

  Tags:  memory excel corruption arbitrary-code-execution idefense-security-advisory memory-corruption  

• 14:58

  iDefense Security Advisory 09.13.11 - Excel Memory Corruption

   » ‎ Packet Storm Security Recent Files
  iDefense Security Advisory 09.13.11 - Remote exploitation of a memory corruption vulnerability in Microsoft Corp.'s Excel could allow an attacker to execute arbitrary code with the privileges of the current user. The vulnerability occurs when Excel parses a certain specially crafted record in an Excel file. A specific value in the record can trigger a memory corruption vulnerability and may allow arbitrary code execution.

  Tags:  memory excel corruption arbitrary-code-execution idefense-security-advisory memory-corruption  

• 14:58

  iDefense Security Advisory 09.13.11 - Excel Memory Corruption

   » ‎ Packet Storm Security Misc. Files
  iDefense Security Advisory 09.13.11 - Remote exploitation of a memory corruption vulnerability in Microsoft Corp.'s Excel could allow an attacker to execute arbitrary code with the privileges of the current user. The vulnerability occurs when Excel parses a certain specially crafted record in an Excel file. A specific value in the record can trigger a memory corruption vulnerability and may allow arbitrary code execution.

  Tags:  memory excel corruption arbitrary-code-execution idefense-security-advisory memory-corruption  

• 14:55

  iDefense Security Advisory 09.13.11 - Excel Memory Corruption

   » ‎ Packet Storm Security Advisories
  iDefense Security Advisory 09.13.11 - Remote exploitation of a memory corruption vulnerability in Microsoft Corp.'s Excel could allow an attacker to execute arbitrary code with the privileges of the current user. The vulnerability occurs when Excel parses a certain specially crafted record in an Excel file. An invalid value of the length field in the record header can trigger an error condition and result in using memory content which has already been freed and may allow arbitrary code execution.

  Tags:  excel idefense memory arbitrary-code-execution idefense-security-advisory memory-corruption  

• 14:55

  iDefense Security Advisory 09.13.11 - Excel Memory Corruption

   » ‎ Packet Storm Security Recent Files
  iDefense Security Advisory 09.13.11 - Remote exploitation of a memory corruption vulnerability in Microsoft Corp.'s Excel could allow an attacker to execute arbitrary code with the privileges of the current user. The vulnerability occurs when Excel parses a certain specially crafted record in an Excel file. An invalid value of the length field in the record header can trigger an error condition and result in using memory content which has already been freed and may allow arbitrary code execution.

  Tags:  excel idefense memory arbitrary-code-execution idefense-security-advisory memory-corruption  

• 14:55

  iDefense Security Advisory 09.13.11 - Excel Memory Corruption

   » ‎ Packet Storm Security Misc. Files
  iDefense Security Advisory 09.13.11 - Remote exploitation of a memory corruption vulnerability in Microsoft Corp.'s Excel could allow an attacker to execute arbitrary code with the privileges of the current user. The vulnerability occurs when Excel parses a certain specially crafted record in an Excel file. An invalid value of the length field in the record header can trigger an error condition and result in using memory content which has already been freed and may allow arbitrary code execution.

  Tags:  excel idefense memory arbitrary-code-execution idefense-security-advisory memory-corruption  

• August 14, 2011
• 17:04

  Microsoft Excel Memory Corruption Vulnerability

   » ‎ SecuriTeam
  A memory corruption vulnerability was discovered in Microsoft Excel.

  -

  Make your website safer. Use external penetration testing service. First report ready in one hour!

  Tags:  excel microsoft memory memory-corruption safer-use microsoft-excel  

• August 10, 2011
• 0:00

  Vuln: Microsoft Excel Buffer Overflow CVE-2011-1276 Remote Code Execution Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  Microsoft Excel Buffer Overflow CVE-2011-1276 Remote Code Execution Vulnerability

  Tags:  excel buffer microsoft code-execution buffer-overflow microsoft-excel  

• August 09, 2011
• 9:53

  Excel SLYK Format Parsing Buffer Overflow

   » ‎ Packet Storm Security Exploits
  Excel SLYK format parsing buffer overrun proof of concept denial of service exploit.

  Tags:  excel format slyk buffer-overflow proof-of-concept  

• 9:53

  Excel SLYK Format Parsing Buffer Overflow

   » ‎ Packet Storm Security Recent Files
  Excel SLYK format parsing buffer overrun proof of concept denial of service exploit.

  Tags:  excel format slyk buffer-overflow proof-of-concept  

• 9:53

  Excel SLYK Format Parsing Buffer Overflow

   » ‎ Packet Storm Security Misc. Files
  Excel SLYK format parsing buffer overrun proof of concept denial of service exploit.

  Tags:  excel format slyk buffer-overflow proof-of-concept  

• 0:00

  Vuln: Microsoft Excel Buffer Overflow CVE-2011-1276 Remote Code Execution Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  Microsoft Excel Buffer Overflow CVE-2011-1276 Remote Code Execution Vulnerability

  Tags:  excel buffer microsoft code-execution buffer-overflow microsoft-excel  

• August 08, 2011
• 21:00

  [dos / poc] - Excel SLYK Format Parsing Buffer Overrun Vulnerability PoC

   » ‎ 0day.today (was: 1337day, Inj3ct0r, 1337db)
  [dos / poc] - Excel SLYK Format Parsing Buffer Overrun Vulnerability PoC

  Tags:  poc excel slyk vulnerability  

• July 25, 2011
• 12:31

  Apple Security Advisory 2011-07-20-2

   » ‎ Packet Storm Security Advisories
  Apple Security Advisory 2011-07-20-2 - An iWork 9.1 update addresses multiple security issues. A buffer overflow existed in the handling of Excel files. Opening a maliciously crafted Excel file in Numbers may lead to an unexpected application termination or arbitrary code execution. A memory corruption issue existed in the handling of Excel files. Opening a maliciously crafted Excel file in Numbers may lead to an unexpected application termination or arbitrary code execution. A memory corruption issue existed in the handling of Microsoft Word documents. Opening a maliciously crafted Microsoft Word document in Pages may lead to an unexpected application termination or arbitrary code execution.

  Tags:  handling excel opening apple-security arbitrary-code-execution microsoft-word-documents microsoft-word-document  

• 12:31

  Apple Security Advisory 2011-07-20-2

   » ‎ Packet Storm Security Recent Files
  Apple Security Advisory 2011-07-20-2 - An iWork 9.1 update addresses multiple security issues. A buffer overflow existed in the handling of Excel files. Opening a maliciously crafted Excel file in Numbers may lead to an unexpected application termination or arbitrary code execution. A memory corruption issue existed in the handling of Excel files. Opening a maliciously crafted Excel file in Numbers may lead to an unexpected application termination or arbitrary code execution. A memory corruption issue existed in the handling of Microsoft Word documents. Opening a maliciously crafted Microsoft Word document in Pages may lead to an unexpected application termination or arbitrary code execution.

  Tags:  handling excel opening apple-security arbitrary-code-execution microsoft-word-documents microsoft-word-document  

• 12:31

  Apple Security Advisory 2011-07-20-2

   » ‎ Packet Storm Security Misc. Files
  Apple Security Advisory 2011-07-20-2 - An iWork 9.1 update addresses multiple security issues. A buffer overflow existed in the handling of Excel files. Opening a maliciously crafted Excel file in Numbers may lead to an unexpected application termination or arbitrary code execution. A memory corruption issue existed in the handling of Excel files. Opening a maliciously crafted Excel file in Numbers may lead to an unexpected application termination or arbitrary code execution. A memory corruption issue existed in the handling of Microsoft Word documents. Opening a maliciously crafted Microsoft Word document in Pages may lead to an unexpected application termination or arbitrary code execution.

  Tags:  handling excel opening apple-security arbitrary-code-execution microsoft-word-documents microsoft-word-document  

• July 14, 2011
• 16:59

  Microsoft Office Excel RealTimeData Record Parsing Code Execution Vulnerability

   » ‎ SecuriTeam
  This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Office Excel.

  -

  Make your website safer. Use external penetration testing service. First report ready in one hour!

  Tags:  excel office microsoft code-execution safer-use office-excel  

• June 27, 2011
• 0:00

  Vuln: Microsoft Excel Buffer Overflow CVE-2011-1276 Remote Code Execution Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  Microsoft Excel Buffer Overflow CVE-2011-1276 Remote Code Execution Vulnerability

  Tags:  excel buffer microsoft code-execution buffer-overflow microsoft-excel  

• June 16, 2011
• 0:00

  Vuln: Microsoft Excel Array Out Of Bounds Access CVE-2011-1274 Remote Code Execution Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  Microsoft Excel Array Out Of Bounds Access CVE-2011-1274 Remote Code Execution Vulnerability

  Tags:  excel microsoft array code-execution microsoft-excel vulnerability  

• 0:00

  Vuln: Microsoft Excel Heap Memory Corruption CVE-2011-1275 Remote Code Execution Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  Microsoft Excel Heap Memory Corruption CVE-2011-1275 Remote Code Execution Vulnerability

  Tags:  excel microsoft heap heap-memory memory-corruption code-execution  

• 0:00

  Vuln: Microsoft Excel Insufficient Record Validation CVE-2011-1272 Remote Code Execution Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  Microsoft Excel Insufficient Record Validation CVE-2011-1272 Remote Code Execution Vulnerability

  Tags:  excel microsoft record code-execution microsoft-excel vulnerability  

• 0:00

  Vuln: Microsoft Excel Buffer Overflow CVE-2011-1276 Remote Code Execution Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  Microsoft Excel Buffer Overflow CVE-2011-1276 Remote Code Execution Vulnerability

  Tags:  excel buffer microsoft code-execution buffer-overflow microsoft-excel  

• May 30, 2011
• 0:00

  Vuln: Microsoft Excel HFPicture Record Parsing Remote Code Execution Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  Microsoft Excel HFPicture Record Parsing Remote Code Execution Vulnerability

  Tags:  excel microsoft hfpicture code-execution microsoft-excel vulnerability  

• April 29, 2011
• 14:18

  Microsoft Office Excel Buffer Overflow

   » ‎ Packet Storm Security Exploits
  Microsoft Office Excel Axis properties record parsing buffer overflow proof of concept exploit that leverages the issue discussed in MS11-021.

  Tags:  excel office microsoft buffer-overflow proof-of-concept office-excel  

• 14:18

  Microsoft Office Excel Buffer Overflow

   » ‎ Packet Storm Security Recent Files
  Microsoft Office Excel Axis properties record parsing buffer overflow proof of concept exploit that leverages the issue discussed in MS11-021.

  Tags:  excel office microsoft buffer-overflow proof-of-concept office-excel  

• 14:18

  Microsoft Office Excel Buffer Overflow

   » ‎ Packet Storm Security Misc. Files
  Microsoft Office Excel Axis properties record parsing buffer overflow proof of concept exploit that leverages the issue discussed in MS11-021.

  Tags:  excel office microsoft buffer-overflow proof-of-concept office-excel  

• 0:00

  Vuln: Microsoft Excel Axis Properties Remote Code Execution Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  Microsoft Excel Axis Properties Remote Code Execution Vulnerability

  Tags:  excel microsoft axis  

• April 20, 2011
• 19:47

  Microsoft Excel 2007 Office Drawing Layer Code Execution Vulnerability

   » ‎ SecuriTeam
  This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Excel 2007.

  -

  Make your website safer. Use external penetration testing service. First report ready in one hour!

  Tags:  code excel microsoft code-execution safer-use microsoft-excel  

• April 15, 2011
• 7:27

  Microsoft Office Excel Real Time Data Stack Overwrite

   » ‎ Packet Storm Security Advisories
  The VUPEN Vulnerability Research Team discovered a critical vulnerability in Microsoft Office Excel. The vulnerability is caused by a stack overwrite error when parsing the RTD RealTimeData record (0813h), which could be exploited by attackers to compromise a vulnerable system by tricking a user into opening a specially crafted Excel document.

  Tags:  excel vulnerability microsoft vulnerability-research real-time-data critical-vulnerability  

• 7:27

  Microsoft Office Excel Real Time Data Stack Overwrite

   » ‎ Packet Storm Security Recent Files
  The VUPEN Vulnerability Research Team discovered a critical vulnerability in Microsoft Office Excel. The vulnerability is caused by a stack overwrite error when parsing the RTD RealTimeData record (0813h), which could be exploited by attackers to compromise a vulnerable system by tricking a user into opening a specially crafted Excel document.

  Tags:  excel vulnerability microsoft vulnerability-research real-time-data critical-vulnerability  

• 7:27

  Microsoft Office Excel Real Time Data Stack Overwrite

   » ‎ Packet Storm Security Misc. Files
  The VUPEN Vulnerability Research Team discovered a critical vulnerability in Microsoft Office Excel. The vulnerability is caused by a stack overwrite error when parsing the RTD RealTimeData record (0813h), which could be exploited by attackers to compromise a vulnerable system by tricking a user into opening a specially crafted Excel document.

  Tags:  excel vulnerability microsoft vulnerability-research real-time-data critical-vulnerability  

• 0:00

  Vuln: Microsoft Excel Data Validation Record Parsing Buffer Overflow Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  Microsoft Excel Data Validation Record Parsing Buffer Overflow Vulnerability

  Tags:  excel microsoft data buffer-overflow-vulnerability excel-data-validation microsoft-excel  

• April 14, 2011
• 8:49

  iDEFENSE Security Advisory 2007-04-12.2

   » ‎ Packet Storm Security Advisories
  iDefense Security Advisory 04.12.11 - Remote exploitation of a memory corruption vulnerability in Microsoft Corp.'s Excel could allow an attacker to execute arbitrary code with the privileges of the current user. The vulnerability occurs when Excel parses a specially crafted Excel file. Specific values within this file can trigger a memory corruption vulnerability and may allow arbitrary code execution. The following Microsoft products are vulnerable: Excel 2002 SP3, Excel 2002 SP3, Excel 2003 SP3, Office 2004 for Mac, Office 2008 for Mac, Open XML File Format Converter for Mac.

  Tags:  excel idefense vulnerability mac file-format-converter arbitrary-code-execution idefense-security-advisory  

• 8:49

  iDEFENSE Security Advisory 2007-04-12.2

   » ‎ Packet Storm Security Recent Files
  iDefense Security Advisory 04.12.11 - Remote exploitation of a memory corruption vulnerability in Microsoft Corp.'s Excel could allow an attacker to execute arbitrary code with the privileges of the current user. The vulnerability occurs when Excel parses a specially crafted Excel file. Specific values within this file can trigger a memory corruption vulnerability and may allow arbitrary code execution. The following Microsoft products are vulnerable: Excel 2002 SP3, Excel 2002 SP3, Excel 2003 SP3, Office 2004 for Mac, Office 2008 for Mac, Open XML File Format Converter for Mac.

  Tags:  excel idefense vulnerability mac file-format-converter arbitrary-code-execution idefense-security-advisory  

• 8:49

  iDEFENSE Security Advisory 2007-04-12.2

   » ‎ Packet Storm Security Misc. Files
  iDefense Security Advisory 04.12.11 - Remote exploitation of a memory corruption vulnerability in Microsoft Corp.'s Excel could allow an attacker to execute arbitrary code with the privileges of the current user. The vulnerability occurs when Excel parses a specially crafted Excel file. Specific values within this file can trigger a memory corruption vulnerability and may allow arbitrary code execution. The following Microsoft products are vulnerable: Excel 2002 SP3, Excel 2002 SP3, Excel 2003 SP3, Office 2004 for Mac, Office 2008 for Mac, Open XML File Format Converter for Mac.

  Tags:  excel idefense vulnerability mac file-format-converter arbitrary-code-execution idefense-security-advisory  

• April 13, 2011
• 0:00

  Vuln: Microsoft Excel CVE-2011-0103 Memory Corruption Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  Microsoft Excel CVE-2011-0103 Memory Corruption Vulnerability

  Tags:  excel microsoft memory memory-corruption microsoft-excel cve  

• April 12, 2011
• 19:46

  Microsoft Office Excel Office Art Object Parsing Code Execution Vulnerability

   » ‎ SecuriTeam
  This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Office Excel.

  -

  Make your website safer. Use external penetration testing service. First report ready in one hour!

  Tags:  excel office microsoft art-object code-execution safer-use  

• 0:00

  Vuln: Microsoft Excel Drawing Layer Dangling Pointer Remote Code Execution Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  Microsoft Excel Drawing Layer Dangling Pointer Remote Code Execution Vulnerability

  Tags:  excel microsoft layer dangling-pointer code-execution microsoft-excel  

• 0:00

  Vuln: Microsoft Excel 'RealTimeData' Record Parsing Remote Code Execution Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  Microsoft Excel 'RealTimeData' Record Parsing Remote Code Execution Vulnerability

  Tags:  excel realtimedata microsoft code-execution microsoft-excel vulnerability  

• January 31, 2011
• 11:22

  Microsoft Excel Spreadsheets Expose User PIN For Secure Printing

   » ‎ Packet Storm Security Recent Files
  Whitepaper called Microsoft Excel Spreadsheets Expose User PIN Used For Confidential/Secure Printing.

  Tags:  excel spreadsheets microsoft microsoft-excel-spreadsheets whitepaper  

• 11:22

  Microsoft Excel Spreadsheets Expose User PIN For Secure Printing

   » ‎ Packet Storm Security Misc. Files
  Whitepaper called Microsoft Excel Spreadsheets Expose User PIN Used For Confidential/Secure Printing.

  Tags:  excel spreadsheets microsoft microsoft-excel-spreadsheets whitepaper  

• December 21, 2010
• 10:46

  Microsoft Office Excel Ghost Record Type Parsing Vulnerability

   » ‎ SecuriTeam
  Microsoft Office Excel contains Vulnerability caused by an input validation error when processing certain elements in a Ghost record.

  -

  Make your website safer. Use external penetration testing service. First report ready in one hour!

  Tags:  excel office microsoft validation-error input-validation safer-use  

• December 14, 2010
• 22:12

  Microsoft Office Excel Out-of-Bounds Memory Write Vulnerability

   » ‎ SecuriTeam
  Microsoft Office Excel contains a vulnerability caused by a memory corruption error when processing certain structures in an Excel file.

  -

  Make your website safer. Use external penetration testing service. First report ready in one hour!

  Tags:  office excel microsoft memory-corruption safer-use office-excel  

• December 09, 2010
• 19:03

  Microsoft Office Excel Negative Future Function Vulnerability

   » ‎ SecuriTeam
  Microsoft Office Excel contains a memory corruption vulnerability.

  -

  Make your website safer. Use external penetration testing service. First report ready in one hour!

  Tags:  excel office microsoft memory-corruption safer-use office-excel  

• 18:58

  Microsoft Office Excel Merge Cell Record Invalid Pointer Vulnerability

   » ‎ SecuriTeam
  Microsoft Office Excel contains an invalid pointer vulnerability.

  -

  Make your website safer. Use external penetration testing service. First report ready in one hour!

  Tags:  excel office microsoft invalid-pointer safer-use microsoft-office  

• 18:58

  Microsoft Office Excel Extra PtgExtraArray Parsing Vulnerability

   » ‎ SecuriTeam
  Microsoft Office Excel contains a memory corruption vulnerability.

  -

  Make your website safer. Use external penetration testing service. First report ready in one hour!

  Tags:  excel office microsoft memory-corruption safer-use office-excel  

• 18:53

  Microsoft Office Excel RealTimeData Array Indexing Vulnerability

   » ‎ SecuriTeam
  Microsoft Office Excel contains an array indexing vulnerability.

  -

  Make your website safer. Use external penetration testing service. First report ready in one hour!

  Tags:  excel office microsoft safer-use office-excel microsoft-office  

• December 07, 2010
• 11:58

  Microsoft Office Excel Record Array Indexing Vulnerability

   » ‎ SecuriTeam
  Microsoft Office Excel contains an array indexing vulnerability.

  -

  Make your website safer. Use external penetration testing service. First report ready in one hour!

  Tags:  excel office microsoft safer-use office-excel microsoft-office  

• 11:58

  Microsoft Office Excel Formula Record Dangling Pointer Vulnerability

   » ‎ SecuriTeam
  Microsoft Office Excel contains a Dangling Pointer Vulnerability.

  -

  Make your website safer. Use external penetration testing service. First report ready in one hour!

  Tags:  excel office microsoft dangling-pointer excel-formula safer-use  

• November 22, 2010
• 0:00

  Vuln: Apple Mobile OfficeImport Framework Excel Record Memory Corruption Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  Apple Mobile OfficeImport Framework Excel Record Memory Corruption Vulnerability

  Tags:  excel framework officeimport apple-mobile memory-corruption vulnerability apple  

• October 14, 2010
• 22:01

  vupen-msoenff.txt

   » ‎ Packet Storm Security Advisories
  VUPEN Vulnerability Research Team discovered a critical vulnerability in Microsoft Office Excel. The vulnerability is caused by a memory corruption error when processing a negative future function while parsing an Excel file, which could be exploited by remote attackers to execute arbitrary code by tricking a user into opening a specially crafted Excel document.

  Tags:  txt excel vulnerability vulnerability-research critical-vulnerability memory-corruption  

• 22:01

  vupen-msoeepp.txt

   » ‎ Packet Storm Security Advisories
  VUPEN Vulnerability Research Team discovered a critical vulnerability in Microsoft Office Excel. The vulnerability is caused by a memory corruption error when processing PtgExtraArray structures in an Excel file, which could be exploited by remote attackers to execute arbitrary code by tricking a user into opening a specially crafted Excel document.

  Tags:  txt excel vulnerability vulnerability-research critical-vulnerability memory-corruption  

• 22:01

  vupen-msoertdai.txt

   » ‎ Packet Storm Security Advisories
  VUPEN Vulnerability Research Team discovered a critical vulnerability in Microsoft Office Excel. The vulnerability is caused by an array indexing error when processing RealTimeData records in an Excel file, which could be exploited by remote attackers to execute arbitrary code by tricking a user into opening a specially crafted Excel document.

  Tags:  txt excel vulnerability vulnerability-research critical-vulnerability office-excel  

• 22:01

  vupen-msoeoobmw.txt

   » ‎ Packet Storm Security Advisories
  VUPEN Vulnerability Research Team discovered a critical vulnerability in Microsoft Office Excel. The vulnerability is caused by a memory corruption error when processing certain structures in an Excel file, which could be exploited by remote attackers to execute arbitrary code by tricking a user into opening a specially crafted Excel document.

  Tags:  txt excel vulnerability vulnerability-research critical-vulnerability memory-corruption  

• 22:00

  vupen-msoegrtp.txt

   » ‎ Packet Storm Security Advisories
  VUPEN Vulnerability Research Team discovered a critical vulnerability in Microsoft Office Excel. The vulnerability is caused by an input validation error when processing certain elements in a Ghost record, which could be exploited by remote attackers to execute arbitrary code by tricking a user into opening a specially crafted Excel document.

  Tags:  txt excel vulnerability vulnerability-research critical-vulnerability validation-error  

• 0:00

  Vuln: Microsoft Excel Out-of-Bounds Memory Write (CVE-2010-3241) Remote Code Execution Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  Microsoft Excel Out-of-Bounds Memory Write (CVE-2010-3241) Remote Code Execution Vulnerability

  Tags:  excel microsoft bounds code-execution microsoft-excel vulnerability  

• 0:00

  Vuln: Microsoft Excel Record Parsing Remote Buffer Overflow Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  Microsoft Excel Record Parsing Remote Buffer Overflow Vulnerability

  Tags:  excel microsoft record buffer-overflow-vulnerability remote-buffer-overflow remote-buffer-overflow-vulnerability  

• 0:00

  Vuln: Microsoft Excel Record Validation (CVE-2010-3240) Remote Code Execution Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  Microsoft Excel Record Validation (CVE-2010-3240) Remote Code Execution Vulnerability

  Tags:  excel microsoft record code-execution microsoft-excel vulnerability  

• 0:00

  Vuln: Microsoft Excel BIFF Record Parsing Dangling Pointer Remote Code Execution Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  Microsoft Excel BIFF Record Parsing Dangling Pointer Remote Code Execution Vulnerability

  Tags:  excel microsoft biff dangling-pointer code-execution  

• 0:00

  Vuln: Microsoft Excel Formula Substream (CVE-2010-3234) Memory Corruption Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  Microsoft Excel Formula Substream (CVE-2010-3234) Memory Corruption Vulnerability

  Tags:  excel microsoft formula memory-corruption excel-formula microsoft-excel  

• October 13, 2010
• 21:00

  secunia-mslotus.txt

   » ‎ Packet Storm Security Advisories
  Secunia Research has discovered a vulnerability in Microsoft Excel, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused by a boundary error in the parsing of certain records in Lotus 1-2-3 workbooks. This can be exploited to cause a heap-based buffer overflow via a Lotus 1-2-3 file containing a specially crafted, overly long record. Successful exploitation may allow execution of arbitrary code. Microsoft Excel versions 2002 SP3 and 2003 SP3 are affected.

  Tags:  excel microsoft vulnerability based-buffer-overflow lotus-1-2-3 code-microsoft  

• 21:00

  secunia-mserp.txt

   » ‎ Packet Storm Security Advisories
  Secunia Research has discovered a vulnerability in Microsoft Excel, which can be exploited by malicious people to potentially compromise a user's system. The vulnerability is caused by a sign-extension error and integer overflow when processing a certain record type and can be exploited to cause a heap-based buffer overflow via a specially crafted Excel file. Successful exploitation may allow execution of arbitrary code. Microsoft Excel version 2002 SP3 is affected.

  Tags:  excel vulnerability overflow based-buffer-overflow integer-overflow code-microsoft  

• 0:00

  Vuln: Microsoft Excel Record Validation Remote Code Execution Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  Microsoft Excel Record Validation Remote Code Execution Vulnerability

  Tags:  excel microsoft record code-execution microsoft-excel vulnerability  

• 0:00

  Vuln: Microsoft Excel Record Parsing Sign Extension Integer Overflow Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  Microsoft Excel Record Parsing Sign Extension Integer Overflow Vulnerability

  Tags:  excel microsoft record integer-overflow-vulnerability microsoft-excel  

• 0:00

  Vuln: Microsoft Excel Ghost Record Type Remote Code Execution Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  Microsoft Excel Ghost Record Type Remote Code Execution Vulnerability

  Tags:  excel microsoft ghost code-execution microsoft-excel vulnerability  

• October 11, 2010
• 19:16

  Microsoft Office Excel PivotTable Cache Data Record Buffer Overflow vulnerability

   » ‎ SecuriTeam
  A stack based buffer overflow vulnerability in Microsoft Excel 2002 (Office XP) can be leveraged to execute arbitrary code on vulnerable systems by enticing users to open specially crafted spreadsheet files with the .XLS extension.

  -

  Make your website safer. Use external penetration testing service. First report ready in one hour!

  Tags:  excel office microsoft buffer-overflow-vulnerability microsoft-excel-2002 based-buffer-overflow  

• September 29, 2010
• 0:00

  Vuln: Microsoft Excel SxView Record Parsing Memory Corruption Remote Code Execution Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  Microsoft Excel SxView Record Parsing Memory Corruption Remote Code Execution Vulnerability

  Tags:  excel sxview microsoft memory-corruption code-execution microsoft-excel  

• September 24, 2010
• 14:00

  [local exploits] - Microsoft Excel OBJ Record Stack Overflow

   » ‎ 0day.today (was: 1337day, Inj3ct0r, 1337db)
  [local exploits] - Microsoft Excel OBJ Record Stack Overflow

  Tags:  excel microsoft obj record-stack stack-overflow microsoft-excel  

• 0:00

  Vuln: Microsoft Excel OBJ Record Stack Overflow Remote Code Execution Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  Microsoft Excel OBJ Record Stack Overflow Remote Code Execution Vulnerability

  Tags:  excel microsoft obj record-stack stack-overflow code-execution  

• September 21, 2010
• 0:00

  Vuln: Microsoft Excel WOPT Record Parsing Heap Memory Corruption Remote Code Execution Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  Microsoft Excel WOPT Record Parsing Heap Memory Corruption Remote Code Execution Vulnerability

  Tags:  excel microsoft wopt heap-memory memory-corruption code-execution  

• September 16, 2010
• 0:00

  Vuln: Microsoft Excel HFPicture Record Parsing Remote Code Execution Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  Microsoft Excel HFPicture Record Parsing Remote Code Execution Vulnerability

  Tags:  excel microsoft hfpicture code-execution microsoft-excel vulnerability  

• September 10, 2010
• 0:00

  Vuln: Microsoft Excel Real Time Data (RTD) Remote Code Execution Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  Microsoft Excel Real Time Data (RTD) Remote Code Execution Vulnerability

  Tags:  excel microsoft real real-time-data code-execution microsoft-excel  

• September 09, 2010
• 14:00

  [local expoits] - Excel RTD Memory Corruption

   » ‎ 0day.today (was: 1337day, Inj3ct0r, 1337db)
  [local expoits] - Excel RTD Memory Corruption

  Tags:  excel expoits rtd memory-corruption  

• 14:00

  [local exploits] - Excel RTD Memory Corruption

   » ‎ 0day.today (was: 1337day, Inj3ct0r, 1337db)
  [local exploits] - Excel RTD Memory Corruption

  Tags:  exploit excel rtd memory-corruption exploits  

• August 28, 2010
• 4:18

  MS Excel Malformed FEATHEADER Record Exploit

   » ‎ 0day.today (was: 1337day, Inj3ct0r, 1337db)
  MS Excel Malformed FEATHEADER Record Exploit

  Tags:  excel featheader malformed ms-excel  

• August 23, 2010
• 17:29

  msexcelfeatheader-overflow.txt

   » ‎ Packet Storm Security Recent Files
  Microsoft Excel Featheader buffer overflow exploit that leverages the vulnerability noted in MS09-067.

  Tags:  txt excel microsoft buffer-overflow-exploit microsoft-excel vulnerability  

• 17:29

  msexcelfeatheader-overflow.txt

   » ‎ Packet Storm Security Exploits
  Microsoft Excel Featheader buffer overflow exploit that leverages the vulnerability noted in MS09-067.

  Tags:  txt excel microsoft buffer-overflow-exploit microsoft-excel vulnerability  

• August 10, 2010
• 14:00

  Bugtraq: CORE-2010-0407: Microsoft Office Excel PivotTable Cache Data Record Buffer Overflow

   » ‎ SecurityFocus Vulnerabilities
  CORE-2010-0407: Microsoft Office Excel PivotTable Cache Data Record Buffer Overflow

  Tags:  excel office microsoft buffer-overflow pivottable cache-data  

• 0:00

  Vuln: Microsoft Excel 'PivotTable Cache Data' Record Parsing Remote Code Execution Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  Microsoft Excel 'PivotTable Cache Data' Record Parsing Remote Code Execution Vulnerability

  Tags:  excel microsoft pivottable code-execution cache-data  

• July 05, 2010
• 2:58

  Microsoft Office Excel OBJ Stack Overflow Vulnerability

   » ‎ SecuriTeam
  A critical vulnerability was discovered affecting Microsoft Office Excel.

  -

  Make your website safer. Use external penetration testing service. First report ready in one hour!

  Tags:  excel office microsoft overflow-vulnerability stack-overflow critical-vulnerability  

• 0:31

  Microsoft Office Excel RTD Heap Corruption Vulnerability

   » ‎ SecuriTeam
  A critical vulnerability was discovered affecting Microsoft Office Excel.

  -

  Make your website safer. Use external penetration testing service. First report ready in one hour!

  Tags:  excel office microsoft heap-corruption critical-vulnerability safer-use  

• 0:31

  Microsoft Office Excel SxView Memory Corruption Vulnerability

   » ‎ SecuriTeam
  A critical Vulnerability was disvoered affecting Microsoft Office Excel.

  -

  Make your website safer. Use external penetration testing service. First report ready in one hour!

  Tags:  excel office microsoft critical-vulnerability memory-corruption safer-use  

• June 24, 2010
• 0:00

  Vuln: Microsoft Excel 'FEATHEADER' Record Remote Code Execution Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  Microsoft Excel 'FEATHEADER' Record Remote Code Execution Vulnerability

  Tags:  excel microsoft record code-execution microsoft-excel vulnerability  

• June 09, 2010
• 0:00

  Vuln: Microsoft Excel CVE-2010-1251 Record Parsing Stack Corruption Remote Code Execution Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  Microsoft Excel CVE-2010-1251 Record Parsing Stack Corruption Remote Code Execution Vulnerability

  Tags:  excel microsoft record code-execution microsoft-excel cve  

• 0:00

  Vuln: Microsoft Excel CVE-2010-1252 String Parsing Remote Code Execution Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  Microsoft Excel CVE-2010-1252 String Parsing Remote Code Execution Vulnerability

  Tags:  excel microsoft string code-execution microsoft-excel cve  

• 0:00

  Vuln: Microsoft Excel WOPT Record Parsing Heap Memory Corruption Remote Code Execution Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  Microsoft Excel WOPT Record Parsing Heap Memory Corruption Remote Code Execution Vulnerability

  Tags:  excel microsoft wopt heap-memory memory-corruption code-execution  

• 0:00

  Vuln: Microsoft Excel SxView Record Parsing Memory Corruption Remote Code Execution Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  Microsoft Excel SxView Record Parsing Memory Corruption Remote Code Execution Vulnerability

  Tags:  excel sxview microsoft memory-corruption code-execution microsoft-excel  

• 0:00

  Vuln: Microsoft Excel RTD Records Remote Code Execution Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  Microsoft Excel RTD Records Remote Code Execution Vulnerability

  Tags:  excel microsoft rtd code-execution microsoft-excel  

• 0:00

  Vuln: Microsoft Excel EDG and Publisher Record Parsing Remote Heap Buffer Overflow Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  Microsoft Excel EDG and Publisher Record Parsing Remote Heap Buffer Overflow Vulnerability

  Tags:  excel microsoft edg buffer-overflow-vulnerability microsoft-excel  

• 0:00

  Vuln: Microsoft Excel OBJ Record Stack Overflow Remote Code Execution Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  Microsoft Excel OBJ Record Stack Overflow Remote Code Execution Vulnerability

  Tags:  excel microsoft obj record-stack stack-overflow code-execution  

• 0:00

  Vuln: Microsoft Excel 'ExternName' Record Remote Code Execution Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  Microsoft Excel 'ExternName' Record Remote Code Execution Vulnerability

  Tags:  excel microsoft externname code-execution microsoft-excel vulnerability  

• June 08, 2010
• 19:00

  secunia-merpiv.txt

   » ‎ Packet Storm Security Recent Files
  Secunia Research has discovered a vulnerability in Microsoft Excel, which can be exploited by malicious people to potentially compromise a user's system. The vulnerability is caused due to insufficient input validation when parsing a certain record type. This may lead to a variety of errors, including corruption of data on the stack. Successful exploitation may allow execution of arbitrary code. Microsoft Excel 2002 is affected.

  Tags:  excel microsoft vulnerability microsoft-excel-2002 code-microsoft input-validation  

• 19:00

  secunia-mespuv.txt

   » ‎ Packet Storm Security Recent Files
  Secunia Research has discovered a vulnerability in Microsoft Excel, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to an uninitialised variable being used as size argument when copying data during parsing of certain record types. This can be exploited to corrupt memory via a specially crafted file. Successful exploitation may allow execution of arbitrary code. Microsoft Excel 2002 is affected.

  Tags:  excel microsoft vulnerability microsoft-excel-2002 code-microsoft size-argument  

• 19:00

  ZDI-10-103.txt

   » ‎ Packet Storm Security Advisories
  Zero Day Initiative Advisory 10-103 - This particular vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Excel. User interaction is required in that a target must visit a malicious page or open a malicious file. The specific flaw exists in the parsing of DBQueryExt records in an Excel spreadsheet. Due to the lack of checking when parsing particular fields within the structure, it is possible to get a user-controlled pointer to be called. Successful exploitation can lead to remote code execution under the credentials of the currently logged in user.

  Tags:  excel code user code-execution excel-user excel-spreadsheet  

• 19:00

  secunia-merpiv.txt

   » ‎ Packet Storm Security Advisories
  Secunia Research has discovered a vulnerability in Microsoft Excel, which can be exploited by malicious people to potentially compromise a user's system. The vulnerability is caused due to insufficient input validation when parsing a certain record type. This may lead to a variety of errors, including corruption of data on the stack. Successful exploitation may allow execution of arbitrary code. Microsoft Excel 2002 is affected.

  Tags:  excel microsoft vulnerability microsoft-excel-2002 code-microsoft input-validation  

• 19:00

  secunia-mespuv.txt

   » ‎ Packet Storm Security Advisories
  Secunia Research has discovered a vulnerability in Microsoft Excel, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to an uninitialised variable being used as size argument when copying data during parsing of certain record types. This can be exploited to corrupt memory via a specially crafted file. Successful exploitation may allow execution of arbitrary code. Microsoft Excel 2002 is affected.

  Tags:  excel microsoft vulnerability microsoft-excel-2002 code-microsoft size-argument  

• 13:00

  Bugtraq: ZDI-10-104: Microsoft Office Excel SxView Record Parsing Remote Code Execution Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  ZDI-10-104: Microsoft Office Excel SxView Record Parsing Remote Code Execution Vulnerability

  Tags:  excel office microsoft code-execution office-excel zdi  

• 0:00

  Vuln: Microsoft Excel CVE-2010-0821 'SxView' Record Parsing Remote Code Execution Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  Microsoft Excel CVE-2010-0821 'SxView' Record Parsing Remote Code Execution Vulnerability

  Tags:  excel sxview microsoft code-execution microsoft-excel cve  

• 0:00

  Vuln: Microsoft Excel 'DBQueryExt' ActiveX Data Object (ADO) Parsing Remote Code Execution Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  Microsoft Excel 'DBQueryExt' ActiveX Data Object (ADO) Parsing Remote Code Execution Vulnerability

  Tags:  dbqueryext excel microsoft activex-data-object code-execution microsoft-excel  

• May 20, 2010
• 21:31

  Microsoft Office Excel Record Processing Code Execution Vulnerability

   » ‎ SecuriTeam
  A critical vulnerability was discovered affecting Microsoft Office Excel.

  -

  Make your website safer. Use external penetration testing service. First report ready in one hour!

  Tags:  excel office microsoft critical-vulnerability code-execution safer-use  

• 21:29

  Microsoft Office Excel DbOrParamQry Record Parsing Vulnerability

   » ‎ SecuriTeam
  A memory corruption occurs on Microsoft Office Excel 2002 when parsing a .XLS file with a malformed DbOrParamQry record.

  -

  Make your website safer. Use external penetration testing service. First report ready in one hour!

  Tags:  excel office microsoft memory-corruption safer-use xls-file  

• 21:21

  Microsoft Office Excel XLSX File Parsing Remote Code Execution Vulnerability

   » ‎ SecuriTeam
  This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Office Excel.

  -

  Make your website safer. Use external penetration testing service. First report ready in one hour!

  Tags:  excel office microsoft code-execution safer-use office-excel  

• March 23, 2010
• 5:55

  Microsoft Excel FNGROUPNAME Record Uninitialized Memory Vulnerability

   » ‎ SecuriTeam
  Remote exploitation of an uninitialized memory vulnerability in Microsoft Corp.'s Excel could allow an attacker to execute arbitrary code with the privileges of the current user.

  -

  Make your website safer. Use external penetration testing service. First report ready in one hour!

  Tags:  excel microsoft memory safer-use microsoft-corp microsoft-excel  

• 5:20

  Microsoft Excel MDXTUPLE Record Heap Overflow Vulnerability

   » ‎ SecuriTeam
  Remote exploitation of a heap overflow vulnerability in Microsoft Corp.'s Excel could allow an attacker to execute arbitrary code with the privileges of the current user.

  -

  Make your website safer. Use external penetration testing service. First report ready in one hour!

  Tags:  excel microsoft heap overflow-vulnerability safer-use microsoft-corp  

• March 22, 2010
• 0:00

  Vuln: Microsoft Excel DbOrParamQry Record Remote Code Execution Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  Microsoft Excel DbOrParamQry Record Remote Code Execution Vulnerability

  Tags:  excel microsoft dborparamqry code-execution microsoft-excel vulnerability  

• March 10, 2010
• 19:00

  excel-codeexec.txt

   » ‎ Packet Storm Security Recent Files
  VUPEN Vulnerability Research Team discovered a critical vulnerability affecting Microsoft Office Excel. The flaw is caused by a memory corruption error when processing malformed EntExU2 records in an Excel document, which could be exploited by attackers to execute arbitrary code.

  Tags:  txt excel vulnerability vulnerability-research critical-vulnerability memory-corruption  

• 19:00

  excel-codeexec.txt

   » ‎ Packet Storm Security Advisories
  VUPEN Vulnerability Research Team discovered a critical vulnerability affecting Microsoft Office Excel. The flaw is caused by a memory corruption error when processing malformed EntExU2 records in an Excel document, which could be exploited by attackers to execute arbitrary code.

  Tags:  txt excel vulnerability vulnerability-research critical-vulnerability memory-corruption  

• 8:00

  03.09.10-1.txt

   » ‎ Packet Storm Security Recent Files
  iDefense Security Advisory 03.09.10 - Remote exploitation of a type confusion vulnerability in Microsoft Corp.'s Excel could allow an attacker to execute arbitrary code with the privileges of the current user. This vulnerability is a type confusion vulnerability that occurs when parsing several related Excel record types. In this case, the type confusion is due to multiple records containing fields that identify the type of an object shared between them. By controlling memory outside of the bounds of the allocated heap chunk, an attacker can control a C++ object pointer used in a virtual function call. This can result in an area of memory being treated as a different type of object than it actually is, resulting in access outside of the bounds of the allocated object. iDefense has confirmed the existence of this vulnerability in all currently supported versions of Excel (2007 SP1/SP2, 2003 SP3, XP SP3), and also the currently unsupported Excel 2000 SP3. A full list of vulnerable Microsoft products can be found in Microsoft Security Bulletin MS10-017.

  Tags:  excel type vulnerability microsoft-security-bulletin object-pointer sp1-sp2  

• 8:00

  03.09.10-2.txt

   » ‎ Packet Storm Security Recent Files
  iDefense Security Advisory 03.09.10 - Remote exploitation of an uninitialized memory vulnerability in Microsoft Corp.'s Excel could allow an attacker to execute arbitrary code with the privileges of the current user. The vulnerability occurs due to Excel using a local function variable without properly initializing it. This error occurs when parsing several related records inside of an Excel worksheet. When Excel parses certain records in a particular order, a stack variable may not be initialized properly. If an attacker can control the area of memory used for this variable, then it is possible to execute arbitrary code on the targeted host. iDefense has confirmed the existence of this vulnerability in Excel versions 2003 SP3, 2007 SP0, SP1, and SP3 . Previous versions do not appear to be affected. A full list of vulnerable Microsoft products can be found in Microsoft Security Bulletin MS10-017.

  Tags:  excel microsoft vulnerability microsoft-security-bulletin ms10 excel-worksheet  

• 8:00

  03.09.10-1.txt

   » ‎ Packet Storm Security Advisories
  iDefense Security Advisory 03.09.10 - Remote exploitation of a type confusion vulnerability in Microsoft Corp.'s Excel could allow an attacker to execute arbitrary code with the privileges of the current user. This vulnerability is a type confusion vulnerability that occurs when parsing several related Excel record types. In this case, the type confusion is due to multiple records containing fields that identify the type of an object shared between them. By controlling memory outside of the bounds of the allocated heap chunk, an attacker can control a C++ object pointer used in a virtual function call. This can result in an area of memory being treated as a different type of object than it actually is, resulting in access outside of the bounds of the allocated object. iDefense has confirmed the existence of this vulnerability in all currently supported versions of Excel (2007 SP1/SP2, 2003 SP3, XP SP3), and also the currently unsupported Excel 2000 SP3. A full list of vulnerable Microsoft products can be found in Microsoft Security Bulletin MS10-017.

  Tags:  excel type vulnerability microsoft-security-bulletin object-pointer sp1-sp2  

• 8:00

  03.09.10-2.txt

   » ‎ Packet Storm Security Advisories
  iDefense Security Advisory 03.09.10 - Remote exploitation of an uninitialized memory vulnerability in Microsoft Corp.'s Excel could allow an attacker to execute arbitrary code with the privileges of the current user. The vulnerability occurs due to Excel using a local function variable without properly initializing it. This error occurs when parsing several related records inside of an Excel worksheet. When Excel parses certain records in a particular order, a stack variable may not be initialized properly. If an attacker can control the area of memory used for this variable, then it is possible to execute arbitrary code on the targeted host. iDefense has confirmed the existence of this vulnerability in Excel versions 2003 SP3, 2007 SP0, SP1, and SP3 . Previous versions do not appear to be affected. A full list of vulnerable Microsoft products can be found in Microsoft Security Bulletin MS10-017.

  Tags:  excel microsoft vulnerability microsoft-security-bulletin ms10 excel-worksheet  

• 0:00

  Vuln: Microsoft Excel MDXSET Record Remote Heap Buffer Overflow Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  Microsoft Excel MDXSET Record Remote Heap Buffer Overflow Vulnerability

  Tags:  excel microsoft mdxset buffer-overflow-vulnerability microsoft-excel heap  

• 0:00

  Vuln: Microsoft Excel FNGROUPNAME Record Remote Code Execution Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  Microsoft Excel FNGROUPNAME Record Remote Code Execution Vulnerability

  Tags:  excel microsoft fngroupname code-execution microsoft-excel vulnerability  

• 0:00

  Vuln: Microsoft Excel Object Type Confusion Remote Code Execution Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  Microsoft Excel Object Type Confusion Remote Code Execution Vulnerability

  Tags:  object excel microsoft code-execution microsoft-excel vulnerability  

• 0:00

  Vuln: Microsoft Excel MDXTUPLE Record Remote Heap Buffer Overflow Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  Microsoft Excel MDXTUPLE Record Remote Heap Buffer Overflow Vulnerability

  Tags:  excel microsoft mdxtuple buffer-overflow-vulnerability microsoft-excel heap  

• 0:00

  Vuln: Microsoft Excel EntExU2 Record Remote Code Execution Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  Microsoft Excel EntExU2 Record Remote Code Execution Vulnerability

  Tags:  excel microsoft entexu code-execution microsoft-excel vulnerability  

• March 09, 2010
• 12:00

  Bugtraq: ZDI-10-025: Microsoft Office Excel XLSX File Parsing Remote Code Execution Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  ZDI-10-025: Microsoft Office Excel XLSX File Parsing Remote Code Execution Vulnerability

  Tags:  excel office microsoft code-execution office-excel zdi  

• 0:00

  Vuln: Microsoft Excel XLSX File Parsing Remote Code Execution Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  Microsoft Excel XLSX File Parsing Remote Code Execution Vulnerability

  Tags:  excel microsoft xlsx code-execution microsoft-excel vulnerability  

• 0:00

  Vuln: Microsoft Excel DbOrParamQry Record Remote Code Execution Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  Microsoft Excel DbOrParamQry Record Remote Code Execution Vulnerability

  Tags:  excel microsoft dborparamqry code-execution microsoft-excel vulnerability  

• 0:00

  Microsoft Plugs Dangerous Excel Security Holes

   » ‎ Packet Storm Security Headlines
  Microsoft Plugs Dangerous Excel Security Holes

  Tags:  excel microsoft plugs excel-security security-holes  

• February 09, 2010
• 17:00

  CORE-2009-0827.txt

   » ‎ Packet Storm Security Advisories
  Core Security Technologies Advisory - A vulnerability exists in MSO.DLL affecting Excel 9 (Office 2000) and Excel 10 (Office XP) in the code responsible for parsing OfficeArtSpgr (recType 0xF003) containers that allows an attacker to cause a class pointer to be interpreted incorrectly, leading to code execution in the context of the currently logged on user.

  Tags:  core office excel security-technologies office-2000 office-xp  

• 14:00

  Bugtraq: CORE-2009-0827: Microsoft Office Excel / Word OfficeArtSpgr Container Pointer Overwrite Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  CORE-2009-0827: Microsoft Office Excel / Word OfficeArtSpgr Container Pointer Overwrite Vulnerability

  Tags:  excel microsoft office office-excel overwrite microsoft-office